System and method for securely buffering content

ABSTRACT

Systems and methods that securely buffer content are provided. In one embodiment, a system may include, for example, a processor and a memory. The memory may be coupled to the processor. Before content leaves the processor for the memory, the processor may secure the content. After the secured content enters the processor from the memory, the processor may recover the content from the secured content.

RELATED APPLICATIONS

This application makes reference to, claims priority to and claimsbenefit from U.S. Provisional Patent Application Ser. No. 60/413,871,entitled “System and Method for Securely Buffering Content” and filed onSep. 25, 2002; and U.S. Provisional Patent Application Ser. No.60/419,474, entitled “System and Method for Securely Buffering Content”and filed on Oct. 18, 2002.

INCORPORATION BY REFERENCE

The above-referenced United States patent applications are herebyincorporated herein by reference in their entirety.

BACKGROUND OF THE INVENTION

When digitally processing content (e.g., encoding or decoding), memorymay be used for buffering, for example, intermediate results of aprocessing stage or for storing data as it is passed from one processingstage to another. Although content can be secured within a processingchip during a particular process stage, the content is still vulnerable,for example, while being written to, read from or held in a memorybuffer.

FIG. 1 shows a block diagram illustrating an example of a system inwhich content is not secured. The system 10 may include, for example, asignal processing unit 30 coupled to an external memory storage device40 (e.g., a hard drive). The signal processing unit 30 may be part of aset top box 20 that, for example, receives audio and visual content overmultiple channels. The signal processing unit 30 is coupled to theexternal memory storage device 40 via a connection 70. The signalprocessing unit 30 is also coupled to a connection 50 and to aconnection 60. Incoming content is typically encrypted when placed onthe connection 50 from a central content provider (not shown) to thesubscriber. The encrypted content is then decrypted, decoded orotherwise processed by the signal processing unit 30. In processing(e.g., decrypting, decoding, etc.) the incoming content, the signalprocessing unit 30 uses the external memory storage device 40, forexample, for reading and writing content information, for bufferingcontent information during intermediate stages of processing, etc. Whenthe signal processing unit 30 finishes processing the incoming content,the system 10 outputs the desired output content (e.g., audio/visualcontent for a channel for which access has been authorized) on theconnection 60 to another device (e.g., a display device).

However, once the incoming content has been decrypted by the signalprocessing unit 30, the content can become unsecured when stored in theexternal memory storage device 40 or when sent or received on theconnection 70 between the signal processing unit 30 and the externalmemory storage device 40. Thus, unencrypted content may be accessed orcopied by accessing the external memory storage device 40 or by tappingthe connection 70 between the signal processing unit 20 and the externalmemory storage device 40. Such unsecured content may then berebroadcasted, retransmitted or copied for delivery to an unintended orunauthorized audience.

Further limitations and disadvantages of conventional and traditionalapproaches will become apparent to one of ordinary skill in the artthrough comparison of such systems with some aspects of the presentinvention as set forth in the remainder of the present application withreference to the drawings.

BRIEF SUMMARY OF THE INVENTION

Aspects of the present invention may be found in, for example, systemsand methods that securely buffer content. In one embodiment, the presentinvention may provide a system that securely buffers content. The systemmay include, for example, a processor and a memory. The memory may becoupled to the processor. Before content leaves the processor for thememory, the processor may secure the content. After the secured contententers the processor from the memory, the processor may recover thecontent from the secured content.

In another embodiment, the present invention may provide a method thatsecurely buffers content. The method may include one or more of thefollowing: applying a particular security scheme to protect contentbefore leaving a signal processor for a storage device; and recoveringthe content from the protected content after the protected contententers the signal processor from the storage device.

In yet another embodiment, the present invention may provide a methodthat securely buffers content. The method may include one or more of thefollowing: decrypting content received by a first processor of a signalprocessor, the decrypting being performed by a first device adapted todecrypt a first kind of encryption; encrypting the content sent from thefirst processor to a memory before the content leaves the signalprocessor, the encrypting being performed by a second device adapted toperform a second kind of encryption; and decrypting the content receivedby a second processor of the signal processor from the memory after thecontent is received by the signal processor, the decrypting beingperformed by a third device adapted to decrypt the second kind ofencryption.

These and other features and advantages of the present invention may beappreciated from a review of the following detailed description of thepresent invention, along with the accompanying figures in which likereference numerals refer to like parts throughout.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows a block diagram illustrating an example of a system inwhich content is not secured.

FIG. 2 shows a block diagram illustrating an embodiment of a system thatsecurely buffers content according to the present invention.

FIG. 3 shows a flow chart illustrating an embodiment of a process thatsecurely buffers content according to the present invention.

FIG. 4 shows a block diagram illustrating an embodiment of a system thatsecurely buffers content according to the present invention.

FIG. 5 shows a block diagram illustrating an embodiment of a system thatsecurely buffers content according to the present information.

FIG. 6 shows a block diagram of an embodiment of a security deviceaccording to the present invention.

DETAILED DESCRIPTION OF THE INVENTION

FIG. 2 shows a block diagram illustrating an embodiment of a system thatsecurely buffers content according to the present invention. The system80 may include, for example, a signal processing unit 100 and a storagedevice 110. The signal processing unit 100 may be part of a set top box90 that, for example, receives audio and visual content over multiplechannels. The signal processing unit 100 may be, for example, anintegrated circuit (IC) chip mounted on a motherboard of the set top box90. However, the present invention need not be limited to set top boxes.The signal processing unit 100 may be adapted to process signals (e.g.,decrypting, decoding, etc.) and may include, for example, one or moreprocessing units. The signal processing unit 100 may be coupled to thestorage device 110 via a connection 140. The signal processing unit 100may also be coupled to a connection 120 and to a connection 130. Theconnections 120, 130, 140 may include, for example, a wire connection, afiber connection, a cable connection or a wireless connection.

The storage device 110 may include, for example, an electrical storagedevice, a mechanical storage device, a magnetic storage device, anoptical storage device, a storage network or any combination thereof. Inan embodiment that employs a set top box, the storage device 110 mayalso be part of the set top box 90 or may be external to the set top box90. In one embodiment, the storage device 100 may be part of the set topbox, but external to the signal processing unit 100. In anotherembodiment, the storage device 100 and the signal processing unit 100may be part of a chip (e.g., an integrated chip). In yet anotherembodiment, the signal processing unit 100 may include the storagedevice 110. For example, the signal processing unit 100 may include thestorage device 100 and a plurality of processing blocks in which thestorage device 100 is external to the plurality of processing blocks,but still part of the signal processing unit 100. The present inventionalso contemplates other arrangements and configurations of the storagedevice 100 in, for example, systems and methods that securely buffercontent.

Incoming content may typically be encrypted when placed on theconnection 120 from a central content provider (not shown) to asubscriber. The encrypted content may then be decrypted, decoded orotherwise processed by the signal processing unit 100. In processing(e.g., decrypting, parsing, filtering, decoding, etc.) the incomingcontent, the signal processing unit 100 may use the storage device 110,for example, for reading and writing content information, for bufferingcontent information during intermediate stages of processing, etc. Whenthe signal processing unit 100 finishes processing the incoming content,the system 80 may then output the desired content (e.g., audio/visualcontent for a channel for which access has been authorized) on theconnection 130 to another device (e.g., a display device). If the outputis an analog signal, then the signal may be sent without security.Alternatively, the resolution of the analog signal may be degraded so asto lower the signal resolution, thereby making it less valuable. In oneembodiment, a watermark may be applied to the analog signal. If theoutput is a digital signal, then digital signal may be secured viaencryption (e.g., digital video interface (DVI), 5C or other encryptionschemes).

FIG. 3 shows a flow chart illustrating an embodiment of a process thatsecurely buffers content according to the present invention. Asdescribed above, the signal processing unit 100 may include one or moreprocessing units that may use the storage device 110 when processingcontent. In query 150, it may be determined whether the signalprocessing unit 100 is sending content to the storage device 110. If thesignal processing unit 100 is sending content to the storage device 110,then the signal processing unit 100 may secure the content beforesending the secured content to the storage device 110. The process maythen be completed. The signal processing unit 100 may secure the contentby, for example, applying a particular type of encryption, applying aparticular type of copy protection, degrading the content or using othermethods or combinations of methods that secure content. The content maybe degraded, for example, by removing a portion of the content,periodically taking out pieces of the content, scrambling portions ofthe content, encrypting portions of the content or by other processesthat degrade the content. In one embodiment, the content may be videocontent and the content may be degraded by partially or wholly degradingat least some I-frames. The proportion of degradation may be aparticular threshold level. The selection of a particular method thatmay secure content may be based on, for example, the type of content,content rate or from which of the one or more processing units of thesignal processing unit 100 the content originates. Thus, for example,content being sent from one kind of processing unit (e.g., a transportprocessing engine) of the signal processing unit 100 to the storagedevice 110 may be secured by a first kind of encryption or copyprotection while content being sent from another kind of processing unit(e.g., a video/audio decoding engine) of the signal processing unit 100to the storage device 110 may be secured by a second kind of encryptionor copy protection. Furthermore, the content rate of differentprocessing units of the signal processing unit 100 may determine whichtype of, for example, encryption/decryption schemes may be used. Forexample, a transport processing engine may have a different content ratethan a video/audio decoding engine. Accordingly, an encryption schemethat may be used with slower content rates may be applicable for thetransport processing engine, but not with the video/audio decodingengine.

If the signal processing unit 100 is not sending content to the storagedevice 110, then, in query 170, it may be determined whether the signalprocessing unit 100 is receiving content from the storage device 110. Ifthe signal processing unit 100 is not receiving content from the storagedevice 110, then the process may be completed. If the signal processingunit 100 is receiving content from the storage device 110, then, in step180, the signal processing unit 100 may recover content after receivingthe secured content. The process may then be completed. The signalprocessing unit 100 may recover the content from the received securedcontent by, for example, decrypting the encrypted content, removing thecopy protection from the copy protected content, enhancing the receiveddegraded content or other methods that recover content from the receivedsecured content. In one embodiment, the signal processing unit 100 mayapply a particular recovery scheme based upon, for example, theparticular processing unit in the signal processing unit 100 thatpreviously handled the content, the type of content, the content rate(e.g., content processing rate) or the particular processing unit in thesignal processing unit 100 that is requesting the content.

FIG. 4 shows a block diagram illustrating an embodiment of a system thatsecurely buffers content according to the present invention. The systemmay include, for example, the signal processing unit 100 and the storagedevice 110. Although the storage device 110 is illustrated as beingexternal to the signal processing unit 100, as described above, thepresent invention also contemplates that signal processing unit 100 mayinclude the storage device 110. The signal processing unit 100 mayinclude, for example, a first processing unit 190 and a secondprocessing unit 200. The first processing unit 190 may be, for example,a data transport engine of a personal video recording (PVR) system. Thesecond processing unit 200 may be, for example, a video and/or an audiodecoding engine. Although the present invention may find applicationwith, for example, PVR systems or set top boxes, the present inventionneed not be so limited. Furthermore, although illustrated with twoprocessing units, the signal processing unit 100 may include more orless than two processing units. The first processing unit 190 mayinclude, for example, a first device 210 that secures content being sentto the storage device 110 and a first device 220 that recovers contentfrom secured content received from the storage device 110. The secondprocessing unit 200 may include, for example, a second device 230 thatsecures content being sent to the storage device 110 and a second device240 that recovers content from secured content received from the storagedevice 110.

The signal processing unit 100 and the storage device 110 may be coupledvia the connection 140. The first processing unit 190 may be coupled toa bus 250 which, in turn, may be coupled to the connection 140. Thefirst devices 210, 220 of the first processing unit 190 may also becoupled to the bus 250. The second processing unit 200 and the seconddevices 230, 240 of the second processing unit 200 may also be coupledto the bus 250. The present invention also contemplates that somecouplings may be achieved via direct connection. In one embodiment, thefirst processing unit 190 may be directly coupled to the secondprocessing unit 200 without the use of a bus (e.g., the bus 250). Inanother embodiment, the first devices 210, 220 and the second devices230, 240 may be directly connected to the storage device 110.

In operation, a content stream may be received by the signal processingunit 100. The incoming content stream may be initially encrypted tosecure content, for example, from a central content provider to a remotesubscriber. The initial decryption may be accomplished by the firstprocessing unit 190 or may be accomplished before the content isreceived by the first processing unit 190. The first processing unit 190may receive the content via the bus 250. The first processing unit 190may process the content. For example, the first processing unit 190 mayprovide the initial decryption or may parse and filter content. Duringthe processing by the first processing unit 190, the first processingunit 190 may buffer information in the storage device 110. Informationto be buffered in the storage device 110 may first be secured via thefirst device 210. The first device 210 may, for example, encrypt, copyprotect or degrade the information before sending the securedinformation to the storage device 110 via the bus 250 and the connection140. Secured information stored in the storage device 110 may also beread by the first processing unit 190. The first device 220 may receivethe secured information from the storage device 110 via the connection140 and the bus 250 and may recover the information from the securedinformation. The first device 220, for example, may decrypt encryptedinformation or may remove copy protection from the copy protectedinformation or may enhance degraded information. When the processing iscomplete, the first processing unit 190 may pass the informationdirectly to the second processing unit via the bus 250. Alternatively,when the processing is completed, the first processing unit 190 maybuffer the information in the storage device 110 after securing theinformation via the first device 210. The buffered and securedinformation stored in the storage device 110 may first pass through thesecond device 240 of the second processing unit 200 in which theinformation is recovered from the secured information. Whether theinformation is passed directly from the first processing unit 190 to thesecond processing unit 200 or the information is recovered from securedinformation from the storage device 110 via the second device 240, thesecond processing unit 200 may then process the information. In oneembodiment, the second processing unit 200 may provide video and/oraudio decoding. As described above, intermediate processing steps of thesecond processing unit 200 may employ the storage device 110 as abuffer. The information to be buffered may be secured via the seconddevice 230 and may be stored in the storage device 110 via the bus 250and the connection 140. The buffered information may later be read bythe second processing unit 200 via the connection 140, the bus 250 andthe second device 240. The second device 240 recovering the informationfrom the buffered, secured information. Thus, in one embodiment, thecontent passed via the connection 140 or stored in the storage device110 is secured.

Although each of the devices 210, 230 may use the same security schemeand each the devices 220, 240 may use the same scheme to recover contentfrom the secured information, the present invention also contemplatesthat different security schemes can be used. The selection of securityschemes may be preset or may be based upon, for example, content type,content rate, origin of content or destination of content. For example,content originating from the first processing unit 190 may use aparticular form of encryption while content originating from the secondprocessing unit 200 may use a different form of encryption. Thus, thedevices 220, 240 may be adapted to know from which processing unit thesecure content is coming. The content stream may be enhanced to includesuch origination information.

FIG. 5 shows a block diagram illustrating an embodiment of a system thatsecurely buffers content according to the present information. Thesystem may include, for example, the signal processing unit 100 and thestorage device 110. Although the storage device 110 is illustrated asbeing external to the signal processing unit 100, as described above,the present invention also contemplates that signal processing unit 100may include the storage device 110. The signal processing unit 100 mayinclude, for example, the first processing unit 190, the secondprocessing unit 200, a bus 260 and a security device 270. Althoughillustrated as two processing units, the signal processing unit 100 mayinclude more or less than two processing units. The first processingunit 190 and the second processing unit 200 may be coupled to the bus260 which, in turn, may be coupled to the security device 270. Thesecurity device 270 may be coupled to the storage device 110 via theconnection 140.

The security device 270 may perform a plurality of tasks and functionsand may accomplish them in parallel or in series. For example, thesecurity device 270 may be adapted to secure content sent from theprocessing units 190, 200 to the storage device 110. In addition, thesecurity device 270 may be adapted to recover content from securedcontent received from the storage device 110. In addition, the securitydevice 270 may include, for example, a direct memory access (DMA)engine. Thus, content buffered by the processing unit 190, 200 duringprocessing may be directly stored in the appropriate storage locationsin the storage device 110. Furthermore, buffered content may be readdirectly from the storage device 110 and, after the content is recoveredfrom the secured content, may be forwarded to the appropriate processingunit 190, 200.

In operation, content processed by the first processing unit 190 or thesecond processing unit 200 may be buffered in the storage device 110.The content to be buffered may be received by the security device 270which may secure the content before using the DMA engine to write thesecured content to a particular storage location in the storage device110. The type of security applied to the content may depend upon, forexample, content type, content rate, source processing unit ordestination processing unit. If the first processing unit 190 or thesecond processing unit 200 needs buffered content, then a read requestmay be sent to the security device 270. The security device 270 may thenread the particular storage location of the storage device 110. Thesecurity device 270 may then receive the secured content and may recoverthe content from the received secured content before forwarding thecontent to the requesting processing unit.

FIG. 6 shows a block diagram of an embodiment of a security deviceaccording to the present invention. The security device 270 may include,for example, a storage interface 280, a security engine 290, a recoveryengine 300, a buffer 310, a bus interface 320 and a controller 330. Thebus 260 may be coupled to the bus interface 320 which, in turn, may becoupled to the buffer 310. The buffer 310 may be coupled to the securityengine 290 and to the recovery engine 300. The security engine 290 andthe recovery engine 300 may be coupled to the storage interface 280.Although not explicitly shown, the controller 330 may be coupled witheach of the components of the security device 270.

In operation, the controller 330 of the security device 270 may receivea write request. Content that is to be buffered in the storage device110 may pass from the bus 260 to the bus interface 320. The content maythen be stored in the buffer 310. The security engine 290 may receivecontent from the buffer 310 and may secure the content. The securityengine 290 may, for example, encrypt the content, copy protect thecontent or degrade the content. The secured data may then be passed onto the storage interface 280. The controller 330 may also providestorage control (e.g., direct memory access) by writing the secured datain a particular location in the storage device 110.

The controller 330 of the security device 270 may also receive a readrequest. Content that is needed by the signal processing unit 100 may beread using the controller 330. The secured content may be received bythe storage interface 280 via the connection 140. The secured contentmay be passed to the recovery engine 300. The recovery engine 300 mayrecover content from the received secured content. The recovery engine300 may, for example, decrypt encrypted content, recover content fromcopy protected content, or recover content from degraded content. Therecovered content may be buffered in the buffer 310 before being sent tothe appropriate processing unit in the signal processing unit 100 viathe bus interface 320 and the bus 260.

While the present invention has been described with reference to certainembodiments, it will be understood by those skilled in the art thatvarious changes may be made and equivalents may be substituted withoutdeparting from the scope of the present invention. In addition, manymodifications may be made to adapt a particular situation or material tothe teachings of the present invention without departing from its scope.Therefore, it is intended that the present invention not be limited tothe particular embodiment disclosed, but that the present invention willinclude all embodiments falling within the scope of the appended claims.

1. A system for securely buffering content, comprising: a signalprocessor; and a memory coupled to the signal processor, wherein thememory and the signal processor are part of an integrated chip, whereinthe signal processor is configured to decrypt, to parse, to filter andto decode content, wherein, before the content leaves the signalprocessor for the memory, the signal processor secures the contentduring intermediate stages of processing, wherein, after the securedcontent enters the signal processor from the memory, the signalprocessor recovers the content from the secured content, wherein thesignal processor is configured to use encryption if an output signal ofthe signal processor is digital and is configured to degrade signalresolution if the output signal of the signal processor is analog,wherein the signal processor is configured to degrade video content bydegrading I-frames in the video content to satisfy a particularthreshold level, wherein the signal processor comprises a firstprocessor and a second processor, the first processor being coupled tothe second processor, wherein the first processor comprises a transportprocessor, wherein the second processor comprises a video decoder,wherein, before the content leaves the transport processor for thememory, the transport processor secures the content, and wherein, afterthe video decoder receives the content secured by the transportprocessor, the video decoder recovers the content from the securedcontent.
 2. The system according to claim 1, wherein the signalprocessor provides copy protection to the content stored in the memoryor to the content transported between the signal processor and thememory.
 3. The system according to claim 1, wherein, if the systemoutputs an analog signal, then the system degrades the analog signal. 4.The system according to claim 1, wherein, if the system outputs ananalog signal, then the system applies a watermark is to the analogsignal.
 5. The system according to claim 1, wherein a first content rateof the first processor determines the type of encryption and/ordecryption scheme used by the first processor.
 6. The system accordingto claim 5, wherein a second content rate of the second processordetermines the type of encryption and/or decryption scheme used by thesecond processor.
 7. The system according to claim 1, wherein the firstprocessor comprises an encryptor, and wherein the second processorcomprises a decryptor that is capable of decrypting the content that hasbeen encrypted by the encryptor.
 8. The system according to claim 1,wherein the signal processor comprises a security block that is coupledto the first processor, to the second processor and to the memory, andwherein the security block secures the content transported from thefirst processor or the second processor to the memory.
 9. The systemaccording to claim 8, wherein the security block encrypts the contenttransported from the first processor or the second processor to thememory.
 10. The system according to claim 9, wherein the security blockdecrypts the encrypted content received by the signal processor from thememory.
 11. The system according to claim 10, wherein the security blockdecrypts the encrypted content transported from the memory to the firstprocessor or the second processor.
 12. The system according to claim 1,wherein the signal processor uses one or more security schemes basedupon from which of the one or more processors the content originates.13. The system according to claim 12, wherein the one or more securityschemes comprise one or more copy protection schemes, one or more typesof encryption or one or more content degradation schemes.
 14. The systemaccording to claim 1, wherein the signal processor comprises one or moreprocessors and a security block, the one or more processors beingcoupled to the security block, and wherein the security block uses oneor more security schemes based upon from which of the one or moreprocessors the content originates.
 15. The system according to claim 14,wherein the one or more security schemes comprise one or more copyprotection schemes, one or more types of encryption or one or morecontent degradation schemes.
 16. A method for securely buffering contentin one or more devices, comprising: providing a signal processor and astorage device on a single integrated chip; applying, by the signalprocessor, a particular security scheme to protect content before thecontent leaves the signal processor for the storage device; andrecovering, by the signal processor, the content from the protectedcontent after the protected content enters the signal processor from thestorage device, wherein applying the particular security schemecomprises applying a particular content degradation scheme if an outputof the signal processor is an analog signal to protect the analog signalfrom copying and applying a particular encryption scheme if the outputof the signal processor is a digital signal, wherein the signalprocessor is configured to select security schemes based on a contentrate and a content type, and wherein the signal processor is configuredto degrade content by degrading I-frames to satisfy a particularthreshold level, and wherein the signal processor is configured to useencryption if an output signal of the signal processor is digital and isconfigured to degrade signal resolution if the output signal of thesignal processor is analog.
 17. The method according to claim 16,wherein applying the particular security scheme comprises applying aparticular encryption scheme and/or applying a particular copyprotection scheme.
 18. The method according to claim 16, wherein aproportion of degradation is based on a particular threshold level. 19.The method according to claim 16, wherein if the output is an analogsignal then a watermark is applied to the analog signal.
 20. The methodaccording to claim 16, wherein the particular content degradation schemecomprises removing portions of the content.
 21. The method according toclaim 16, wherein the signal processor comprises at least twoprocessors, and wherein the particular security scheme applied is basedupon from which of the processors the content originated.
 22. A methodfor securely buffering content in one or more devices, comprising:decrypting content received by a first processor of a signal processor,the decrypting being performed by a first device adapted to decrypt afirst kind of encryption, wherein the first processor is configured todecrypt, to parse and to filter the content; encrypting the content sentfrom the first processor to a memory before the content leaves thesignal processor, the encrypting being performed by a second deviceadapted to perform a second kind of encryption, the second kind ofencryption being different form from the first kind of encryption,wherein the encrypted content sent to the memory is facilitated by adirect memory access engine; and decrypting the content received by asecond processor of the signal processor from the memory after thecontent is received by the signal processor, the decrypting beingperformed by a third device adapted to decrypt the second kind ofencryption, wherein the first processor is configured to select securityschemes based on origin of content, wherein the second processor isconfigured to select security schemes based on origin of content, andwherein the content comprises video content and the signal processor isconfigured to degrade the video content by degrading I-frames of thevideo content, and wherein the signal processor is configured to useencryption if an output signal of the signal processor is digital and isconfigured to degrade signal resolution if the output signal of thesignal processor is analog.
 23. The method according to claim 22,further comprising: encrypting the content sent from the secondprocessor to the memory before the content leaves the signal processor,the encrypting being performed by a fourth device adapted to perform athird kind of encryption.
 24. The method according to claim 23, whereinthe second kind of encryption is different in kind from the third kindof encryption.
 25. The method according to claim 23, wherein the signalprocessor comprises a security block, the security block comprising thesecond device, the third device and the fourth device.
 26. The methodaccording to claim 23, wherein the third device is also adapted todecrypt the third kind of encryption.
 27. The method according to claim23, wherein the second processor comprises the third device and thefourth device.
 28. The method according to claim 22, wherein the signalprocessor comprises a security block, the security block comprising thesecond device and the third device.
 29. The method according to claim22, wherein the first processor comprises the first device and thesecond device.